On the importance of foundational texts

Every field of study has a set of foundational texts. They may not reflect the state of the art in modern times, but students and practitioners in a given field generally need at least a passing familiarity with them to claim any significant expertise.

Understanding honeypots on two axes

With the release of Modern Honey Network by our friends at ThreatStream, lots of folks have started to pay attention to honeypots as a data source again. Traditionally, we have classified honeypots based on their level of interaction. Low-interaction honeypots provide a relatively small surface to an attacker, who can’t do much beyond the initial contact. High-interaction honeypots, in contrast, simulate as much of a system as possible. This approach allows the attacker to take many different types of actions. Generally, the level of interaction available depends on the underlying platform (kippo, netcat, dionaea, etc.)

Maximum likelihood decoding in Python

In fulfillment of one of my 2015 goals, I started reading A Book of Abstract Algebra by Charles Pinter this year. Reading a math book isn’t the same as reading most prose. You have to engage with the text in a different way, doing at least as much as reading. Among other things, many books include much of their content in the exercises. Pinter definitely is one of those books.

Tech goals for 2015

In preparing for battle, I have always found that plans are useless but planning is indispensable. - President Dwight Eisenhower